You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Leo Riguspi (JIRA)" <ji...@apache.org> on 2015/06/05 17:45:00 UTC
[jira] [Created] (AMQ-5829) Fake AMQP connections remain in
ActiveMQ and cause denial of service
Leo Riguspi created AMQ-5829:
--------------------------------
Summary: Fake AMQP connections remain in ActiveMQ and cause denial of service
Key: AMQ-5829
URL: https://issues.apache.org/jira/browse/AMQ-5829
Project: ActiveMQ
Issue Type: Bug
Components: Connector
Affects Versions: 5.11.1
Environment: Linux RedHat 5.5
Reporter: Leo Riguspi
Priority: Critical
Telnet connections on amqp and amqp+ssl transports remain visible in ActiveMQ (only from JMX!) even after they have been closed. Same happens for openssl connections.
This causes the maximumConnections limit to be reached and no more connections are accepted!!!
And it is therefore easy to perform a DoS.
To reproduce:
- configure ActiveMQ with the amqp or amqp+ssl transport
- monitor the connections via JMX, with jconsole (clientConnectors->amqp->remoteAddress)
- telnet on the transport port number
- see the new connection in Jconsole
- close the telnet session completely
- connection is still visible in jconsole
If you set the maximumConnections to 3, after three telnets nobody can connect!
- check
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)